
Commit e982bb0

feat: add MAXKB_SANDBOX_PYTHON_BANNED_KEYWORDS env to ban keywords in tool content.
1 parent 2b89fc0 commit e982bb0


2 files changed

+9
-1
lines changed


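--- a/apps/common/utils/tool_code.py
+++ b/apps/common/utils/tool_code.py
@@ -26,6 +26,7 @@ def __init__(self, sandbox=False):
 self._createdir()
 if self.sandbox:
 os.system(f"chown -R {self.user}:root {self.sandbox_path}")
+self.banned_keywords = CONFIG.get("SANDBOX_PYTHON_BANNED_KEYWORDS", 'nothing_is_banned').split(',');
 
 def _createdir(self):
 old_mask = os.umask(0o077)
@@ -37,6 +38,7 @@ def _createdir(self):
 os.umask(old_mask)
 
 def exec_code(self, code_str, keywords):
+self.validateBannedKeywords(code_str)
 _id = str(uuid.uuid7())
 success = '{"code":200,"msg":"成功","data":exec_result}'
 err = '{"code":500,"msg":str(e),"data":None}'
@@ -94,6 +96,11 @@ def _exec_sandbox(self, _code, _id):
 os.remove(exec_python_file)
 return subprocess_result
 
+def validateBannedKeywords(self, code_str):
+matched = next((bad for bad in self.banned_keywords if bad in code_str), None)
+if matched:
+raise Exception(f"keyword '{matched}' is banned in the tool.")
+
 @staticmethod
 def _exec(_code):
 return subprocess.run([python_directory, '-c', _code], text=True, capture_output=True)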
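Review bot: An empty entry in the configured list silently disables every keyword that follows it: in `validateBannedKeywords`, `'' in code_str` is always true, so `next(...)` returns `''`, `if matched:` is false, and the code is accepted without the remaining entries being tested. A trailing or doubled comma in `MAXKB_SANDBOX_PYTHON_BANNED_KEYWORDS` is enough to cause this, so normalise the list where it is built in `__init__`: `self.banned_keywords = [k.strip() for k in CONFIG.get("SANDBOX_PYTHON_BANNED_KEYWORDS", "").split(",") if k.strip()]`. `__init__` starts outside the hunk and the page has lost indentation, so also confirm the assignment is not nested under `if self.sandbox:`, because `exec_code` calls the check unconditionally and would otherwise fail on a missing attribute. A substring match on source text is a guardrail rather than an isolation boundary, so the sandbox user and file permissions still have to carry the enforcement.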

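--- a/installer/Dockerfile-base
+++ b/installer/Dockerfile-base
@@ -39,7 +39,8 @@ ENV PGDATA=/opt/maxkb/data/postgresql/pgdata \
 REDIS_PASSWORD=Password123@redis \
 LANG=en_US.UTF-8 \
 MAXKB_LOG_LEVEL=INFO \
-MAXKB_SANDBOX_PYTHON_PACKAGE_PATHS=/opt/py3/lib/python3.11/site-packages,/opt/maxkb-app/sandbox/python-packages,/opt/maxkb/python-packages \
+MAXKB_SANDBOX_PYTHON_PACKAGE_PATHS="/opt/py3/lib/python3.11/site-packages,/opt/maxkb-app/sandbox/python-packages,/opt/maxkb/python-packages" \
+MAXKB_SANDBOX_PYTHON_BANNED_KEYWORDS="subprocess.,system(,exec(,pty.,eval(,compile(,shutil.,input(" \
 MAXKB_ADMIN_PATH=/admin
 
 EXPOSE 6379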
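Review bot: The default list on the added `MAXKB_SANDBOX_PYTHON_BANNED_KEYWORDS` line is matched as raw substrings of the tool source (see `validateBannedKeywords` in tool_code.py), so `compile(` also rejects tools that call `re.compile(`, `system(` rejects `platform.system()`, and a keyword that appears only in a comment or string literal is rejected too. The format and matching rule are not documented in this file; a comment above the ENV instruction would help operators who override the value, for example `# MAXKB_SANDBOX_PYTHON_BANNED_KEYWORDS: comma-separated substrings matched against the raw tool source; no spaces or empty entries`. The ENV instruction starts outside the hunk.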
